AMENDMENTS TO THE CLAIMS 



All pending claims are reproduced below: 

1 . (Currently amended) Apparatus for empirically adjusting access to a database, 
said apparatus comprising: 

coupled to the database, a database discovery module configured to determine 
database structure and authorized accesses to the database; 

coupled to the database, a command monitoring module configured to monitor actual 
accesses to the database until a preselected quantity of actual accesses have 
been observed ; and 

coupled to the database discovery module and to the command monitoring module, 
an analysis module configured to compare actual accesses with authorized 
accesses and configured to adjust authorized accesses taking into account 
results of the comparing by changing settings within a database access control 
module to deny future database access to operations by certain users on 
database tables and columns that were previously authorized but not observed 
by the command monitoring module. 

2. (Previously presented) Apparatus of claim 1 further comprising, coupled to the 
database discovery module and to the analysis module, a storage area configured to accumulate 
data generated by the command monitoring module. 

3. (Original) Apparatus of claim 1 wherein the command monitoring module is a 

sniffer. 

4. (Original) Apparatus of claim 1 wherein the database is a relational database 
accessed by a structured query language. 

5. (Currently amended) A computer-implemented method for empirically adjusting 
access to a database, said method comprising the steps of: 

discovering authorized accesses to the database; 
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observing actual accesses to the database until a preselected quantity of actual 

accesses have been observed ; 
comparing actual accesses with authorized accesses; and 

adjusting authorized database accesses taking into account results of the comparing 
step by changing settings within a database access control module to deny 
future database access to operations by certain users on database tables and 
columns that were previously authorized but were not observed during the 
observing step. 

6. (Original) The method of claim 5 further comprising the step of generating at 
least one third party report based upon observing actual accesses to the database. 

7. (Canceled) 

8. (Original) The method of claim 5 wherein the discovering step uncovers any: 
tables of the database; 

columns of the database; 

authorized users of the database; 

views of the database; 

stored procedures of the database; 

user-defined functions of the database; and 

triggers of the database. 

9. (Previously presented) The method of claim 5 wherein the adjusting step further 
comprises at least one of: 

suggesting revised database access control settings to a database administrator; 
automatically hardening the database for all times of day; 
automatically hardening the database selectively based on time of day; 
alerting a database administrator; and 

continuing to monitor accesses to the database after conclusion of the observing step. 
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10. (Original) The method of claim 9 wherein the database is automatically hardened 
using standard SQL commands. 

1 1 . (Original) The method of claim 9 wherein the database is automatically hardened 
using database specific application programming interfaces. 

12. (Original) The method of claim 5 wherein the observing step has a preselected 
duration. 



13. (Canceled) 

14. (Currently amended) A computer-readable medium containing computer program 
instructions configured to empirically adjust access to a database, said computer program 
instructions performing the steps of: 

discovering authorized accesses to the database; 

observing actual accesses to the database until a preselected quantity of actual 

accesses have been observed ; 
comparing actual accesses with authorized accesses; and 

adjusting authorized database accesses taking into account results of the comparing 
step by changing settings within a database access control module to deny 
future database access to operations by certain users on database tables and 
columns that were previously authorized but were not observed during the 
observing step. 
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15. (Original) The computer-readable medium of claim 14 further comprising the 
step of generating at least one third party report based upon observing actual accesses to the 
database. 

16. (Canceled) 

17. (Original) The computer-readable medium of claim 14 wherein the discovering 
step uncovers any: 

tables of the database; 

columns of the database; 

authorized users of the database; 

views of the database; 

stored procedures of the database; 

user-defined functions of the database; and 

triggers of the database. 

18. (Previously presented) The computer-readable medium of claim 14 wherein the 
adjusting step further comprises at least one of: 

suggesting revised database access control settings to a database administrator; 
automatically hardening the database for all times of day; 
automatically hardening the database selectively based on time of day; 
alerting a database administrator; and 

continuing to monitor accesses to the database after conclusion of the observing step. 

19. (Original) The computer-readable medium of claim 18 wherein the database is 
automatically hardened using standard SQL commands. 

20. (Original) The computer-readable medium of claim 18 wherein the database is 
automatically hardened using database specific application programming interfaces. 

21 . (Original) The computer-readable medium of claim 14 wherein the observing 
step has a preselected duration. 
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(Canceled) 
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